Ensure Azure App Service Web app uses the latest Java version

Error: Azure App Service Web app does not use the latest Java version

Bridgecrew Policy ID: BC_AZR_GENERAL_60
Checkov Check ID: CKV_AZURE_83
Severity: LOW

Azure App Service Web app does not use the latest Java version

Description

Azure App Service web applications developed with the Java software stack should use the latest available version of Java to ensure the latest security fixes are in use.

Fix - Buildtime

Terraform

Resource: azurerm_app_service
Argument: java_version - (Optional) The version of Java to use. If specified java_container and java_container_version must also be specified. Possible values are 1.7, 1.8 and 11 and their specific versions - except for Java 11 (e.g. 1.7.0_80, 1.8.0_181, 11)

resource "azurerm_app_service" "example" {
  ...
  site_config {
+   java_version = "11"
  }
}

Updated 4 months ago